Shield Documentation

What is Shield? 🤔

Shield is the official authentication and authorization framework for CodeIgniter 4. While it does provide a base set of tools that are commonly used in websites, it is designed to be flexible and easily customizable.

Primary Goals 🥅

The primary goals for Shield are:

It must be very flexible and allow developers to extend/override almost any part of it.
It must have security at its core. It is an auth lib after all.
To cover many auth needs right out of the box, but be simple to add additional functionality to.

Important Features 🌠

Session-based Authentication (traditional ID/Password with Remember-me)
Stateless Authentication using Access Token, HMAC SHA256 Token, or JWT
Optional Email verification on account registration
Optional Email-based Two-Factor Authentication after login
Magic Link Login when a user forgets their password
Flexible Group-based Access Control (think Roles, but more flexible), and users can be granted additional Permissions
A simple Auth Helper that provides access to the most common auth actions
Save initial settings in your code, so it can be in version control, but can also be updated in the database, thanks to our Settings library
Highly configurable
User Entity and User Provider (UserModel) ready for you to use or extend
Built to extend and modify
- Easily extendable controllers
- All required views that can be used as is or swapped out for your own

License 📑

Shield is licensed under the MIT License - see the LICENSE file for details.

Acknowledgements 🙌🏼

Every open-source project depends on it's contributors to be a success. The following users have contributed in one manner or another in making Shield:

Made with contrib.rocks.

The following articles/sites have been fundamental in shaping the security and best practices used within this library, in no particular order:

Last update: October 3, 2023
Created: June 27, 2022